(57) Abstract:

PROBLEM TO BE SOLVED: To preserve the privacy of communications passing through a gateway system that mediates data communication between one network on a computer network and another network.

SOLUTION: The gateway system mediates between an internal network 2 with high security and an external network 3 with low security. A communication text sent from the internal network 2 to the external network 3 is enciphered using the secret key of the sending user, chosen from secret keys that differ for each user of the internal network 2, and is sent to the external network 3; a communication text sent from the external network 3 to the internal network 2 is decoded using the secret key of the receiving user in the internal network 2.
* NOTICES *

JPO and INPIT are not responsible for any damages caused by the use of this translation.

1. This document has been translated by computer. So the translation may not reflect the original precisely.
2. **** shows the word which can not be translated.
3. In the drawings, any words are not translated.



CLAIMS 



[Claim(s)] 

[Claim 1] A gateway system which mediates data communication between a 1st network, having a 1st communication line and two or more 1st terminals which perform data communication via the 1st communication line, and a 2nd network, having a 2nd communication line and two or more 2nd terminals which perform data communication via the 2nd communication line, the gateway system being characterized by having: a 1st receiving means which receives data communicated via said 2nd communication line; a 1st transmitting means which transmits data to said 1st communication line; a 1st database in which a mutually different private key corresponding to each of said 1st terminals is registered; and a decryption means which, for data transmitted via said 2nd communication line towards a 1st accepting station that is one of said 1st terminals and enciphered with the public key of this 1st accepting station, decrypts the data with the private key of this 1st accepting station read from said 1st database and passes it to said 1st transmitting means.

[Claim 2] The gateway system according to claim 1, characterized by further having: a 2nd receiving means which receives data transmitted via said 1st communication line; a 2nd transmitting means which transmits data to said 1st communication line; a 2nd database in which the public keys of said 2nd terminals are registered; and an encryption means which enciphers data transmitted via said 1st communication line towards a 2nd accepting station that is one of said 2nd terminals with the public key of this 2nd accepting station read from said 2nd database, and passes it to said 2nd transmitting means.

[Claim 3] The gateway system according to claim 2, characterized by having a transmission place public key acquisition means which requests and registers the public key of said 2nd accepting station from a predetermined public key distribution station when the public key of said 2nd accepting station is not registered in said 2nd database, and in that said 2nd database holds a registered public key only for a predetermined period.

[Claim 4] The gateway system according to claim 1, characterized in that the public key of each of said 1st terminals is also registered in said 1st database, and in that the gateway system has a public key distribution means which distributes the public key of said 1st terminal, corresponding to the private key of said 1st terminal, to said 2nd network.

[Claim 5] The gateway system according to claim 1, characterized in that said 1st database is connected to said decryption means at a location with said 1st communication line intervening between them.



DETAILED DESCRIPTION 



[Detailed Description of the Invention] 
[0001] 

[Field of the Invention] This invention relates to a gateway system which mediates data communication between a certain network on a computer network and other networks.
[0002] 

[Description of the Prior Art] The number of users of the Internet, a global computer network, is increasing explosively and is said to have reached 40 million people as of 1995. The Internet has developed against the background of its open architecture. As the Internet attracts attention, the need to use it for business has been increasing. However, the open architecture has also been its misfortune: the Internet has not offered a secure environment in which the secrecy of communications that business use demands could be maintained. Frameworks for privacy enhancement using various encryption technologies, such as PEM (Privacy Enhanced Mail) and PGP (Pretty Good Privacy), have therefore been proposed and their standardization is progressing; once these frameworks are in use, fully secure communication will become possible on the Internet as well.
[0003] On the other hand, centrally controlled networks such as personal computer communication services maintain security adequately without using the privacy enhancement frameworks now used on the Internet, as long as communication lines such as telephone lines are not tapped. However, the Internet and personal computer communication services are increasingly interconnected and are becoming interchangeable as tools for electronic mail and other communication. Therefore, some treatment of security is needed in the gateway that mediates communication between personal computer communications and the Internet: privacy enhancement must be applied to communications leaving personal computer communications for the Internet, and where privacy enhancement has been applied to communications entering personal computer communications from the Internet, that processing must be undone; specifically, the communication must be put into a form the personal computer communications user can read.

[0004] Drawing 7 is an outline block diagram of a conventional gateway system constituted as mentioned above. In this figure, the internal network 2 is a sufficiently secure network such as personal computer communications, the external network 3 is a network such as the Internet which cannot be said to be fully secure unless special measures are taken, and the gateway system (hereafter also written "GW") 1 bears the role of mediating between this internal network 2 and the external network 3. In addition, the internal network 2 and the external network 3 may each be an independent network, or each may be an aggregate of two or more networks.

[0005] When the gateway system 1 receives a communication from a sending station (master station) on the internal network 2, it enciphers it and sends it out to the external network 3. Supposing the above-mentioned PEM is used for electronic mail, the encryption section 13 enciphers the e-mail text with the key (share key) of a shared-key cryptosystem. Next, in the transmission place certificate acquisition section 14, the certificate of the transmission place (destination) is obtained by some means, and the public key of the destination's public-key cryptosystem is extracted from the destination certificate. The share key used to encipher the e-mail text is enciphered with the extracted destination public key; then the enciphered e-mail text and enciphered share key, an electronic signature created with the private key (GW private key) 16 of a public-key cryptosystem, and the certificate (GW certificate) 15 of the gateway (or, in addition to the GW certificate 15, the certificate of the issuer of the GW certificate 15) are combined and sent out to the external network 3.

[0006] At the accepting station on the external network 3 side, the share key in the received mail, enciphered with the station's own public key, is decrypted with its own private key, and the e-mail text is decrypted with the decrypted share key. Furthermore, the public key (GW public key 18) of the gateway system 1 is distributed on request from terminals of the external network 3; the accepting station on the external network 3 decrypts the electronic signature of the e-mail with the distributed GW public key and checks the authenticity of the mail.
[0007] Conversely, when communicating from the external network 3 to the internal network 2, the sending station on the external network 3 enciphers the communication with a share key, enciphers the share key used for that encryption with the GW public key it has obtained, further adds an electronic signature, the sender's certificate, the certificate of the certificate issuer, etc. to the enciphered communication and share key, and transmits the whole to the gateway system 1.

[0008] In the decryption section 11 of the gateway system 1, the enciphered share key in the received mail is decrypted with the GW private key 16, and the e-mail text is decrypted with the decrypted share key. Furthermore, the electronic signature is checked, and if the signature is correct the communication is transmitted to the internal network 2. The accepting station on the internal network 2 receives the communication already decrypted by the gateway system 1 and can read it as it is.
[0009] 

[Problem(s) to be Solved by the Invention] By the way, in the case of the Internet, there is a possibility that the destination of a communication may be altered by a malicious user. When user A (terminal A) of the external network 3 shown in drawing 7 transmits a communication towards user B (terminal B) of the internal network, a malicious user C on the external network can manipulate the destination of the communication. If it is rewritten to user D of the internal network 2, the communication from user A on the external network reaches user D without reaching user B on the internal network, and it leaks to user C; there is thus the problem that the privacy of the communication addressed from user A to user B cannot be protected.

[0010] In view of the above-mentioned situation, this invention aims at providing a gateway system in which the secrecy of communications is maintained at a high level.
[0011] 

[Means for Solving the Problem] The gateway system of this invention which attains the above-mentioned purpose is a gateway system which mediates data communication between a 1st network, having a 1st communication line and two or more 1st terminals which perform data communication via the 1st communication line, and a 2nd network, having a 2nd communication line and two or more 2nd terminals which perform data communication via the 2nd communication line, and is characterized by having: a 1st receiving means which receives data communicated via the 2nd communication line; a 1st transmitting means which transmits data to the 1st communication line; a 1st database in which a mutually different private key corresponding to each of the 1st terminals is registered; and a decryption means which, for data transmitted via the 2nd communication line towards a 1st accepting station that is one of the 1st terminals and enciphered with the public key of that 1st accepting station, decrypts the data with the private key of that 1st accepting station read from the 1st database and passes it to the 1st transmitting means.

[0012] Here, it is desirable that the gateway system of this invention further has: a 2nd receiving means which receives data transmitted via the 1st communication line; a 2nd transmitting means which transmits data to the 1st communication line; a 2nd database in which the public keys of the 2nd terminals are registered; and an encryption means which enciphers data transmitted via the 1st communication line towards a 2nd accepting station that is one of the 2nd terminals with the public key of that 2nd accepting station read from the 2nd database, and passes it to the 2nd transmitting means.

[0013] Moreover, it is desirable that the gateway system of this invention is equipped with a transmission place public key acquisition means which requests and registers the public key of the 2nd accepting station from a predetermined public key distribution station when the public key of the 2nd accepting station is not registered in the 2nd database, and that the 2nd database holds a registered public key only for a predetermined period.
[0014] Furthermore, in the gateway system of this invention, a mode in which the public key of each 1st terminal is also registered in the 1st database, and in which the gateway system has a public key distribution means which distributes the public key of the 1st terminal, corresponding to the private key of the 1st terminal, to the 2nd network, is also desirable.

[0015] Moreover, when the 1st terminals connected to the 1st communication line of the gateway system of this invention fluctuate, it is also a desirable mode to have a database updating means which updates the registered contents of the 1st database according to the fluctuation of the 1st terminals. Furthermore, in the gateway system of this invention, it is also a desirable mode to connect the 1st database to the decryption means at a location with the 1st communication line intervening between them.
[0016] 

[Embodiment of the Invention] Hereafter, embodiments (operation gestalt) of this invention are explained. Drawing 1 is an outline block diagram of the 1st embodiment of the gateway system of this invention. In drawing 1 and each drawing mentioned later, components that are the same as elements of the gateway system shown in a drawing explained earlier are given the same reference numbers as in that earlier drawing; duplicate explanation is omitted and only the differences are explained.

[0017] The gateway system 1 shown in drawing 1 is equipped with a user public/private key database 21, in which a public key and a private key that differ for every user (terminal) of the internal network 2 are registered, and a user certificate database 22, in which the certificates of the users of the internal network 2 are registered. When a communication is sent from a sending station on the internal network 2 side towards an accepting station on the external network side and the gateway system 1 receives it, the encryption section 13 of the gateway system 1 enciphers the received communication using the public key of the transmission place obtained by the transmission place public key acquisition section 14 and sends it out to the external network; in that case, an electronic signature made with the sending user's private key or the GW private key, read from the user public/private key database 21, is added together with the sending user's certificate read from the user certificate database 22 and the GW certificate 15.
[0018] At the accepting station on the external network side, when the communication enciphered by the gateway system 1 is received, it is decrypted using the public key of the gateway and the sending user's public key. Conversely, when a communication is sent to the internal network 2 from the external network 3 side, the sending station on the external network 3 obtains the public key specific to the accepting station on the internal network 2 side, and enciphers and sends out the communication using that public key. In the gateway system 1, the destination user's private key is read from the user public/private key database 21, the communication is decrypted using that private key, and it is sent out towards the accepting station of the internal network 2.

[0019] Thus, with the 1st embodiment shown in drawing 1, since a different private key is held on the gateway system 1 for every user of the internal network 2, even if the destination of a communication is altered by a malicious party on the insecure external network 3, only the rightful recipient user on the internal network 2 can read the communication, and communicative privacy is thereby secured.
[0020] Drawing 2 is an outline block diagram of the 2nd embodiment of the gateway system of this invention. Only the differences from the 1st embodiment shown in drawing 1 are explained. In drawing 2, the user registration management server 20 manages the users registered in the internal network 2. At the time of user registration, the user registration management department 202 registers the user information in the user information database 201. Moreover, the user information is sent to the gateway system 1; based on the delivered user information, the user public/private key generation section 210 generates a public/private key pair specific to the user, and the user registration management department 202 registers it in the user public/private key database 21. Furthermore, the user certificate issue section 230 issues the user's certificate from the user information and the user's (generated) public key, and registers it in the user certificate database 22.

[0021] According to this 2nd embodiment, subscription of users of the internal network 2 and changes to them can be handled easily. Drawing 3 is an outline block diagram of the 3rd embodiment of the gateway system of this invention. Only the differences from the 1st embodiment shown in drawing 1 are explained. In drawing 3, the public key (certificate) distribution section 19 distributes the user public key read from the user public/private key database 21, the user certificate read from the user certificate database 22, the GW public key 18, or the GW certificate 15 in response to a public key (certificate) distribution request from the external network 3.

[0022] Thus, the gateway system 1 may be made to serve as the public key distribution station which distributes its own public key and those of the internal network 2. Drawing 4 is an outline block diagram of the 4th embodiment of the gateway system of this invention. In this embodiment, the user certificate management server 23 which manages the certificates of users on the internal network 2 side, the user public/private key management server 24 which similarly manages the public key and private key of every user on the internal network 2 side, the GW private key management server 25 which manages the private key of the gateway system 1, and the GW certificate management server 26 which manages the certificate of the gateway system 1 are each arranged in the internal network 2.

[0023] In drawing 4, at the time of communication from the internal network 2 to the external network 3, the transmission place public key acquisition section 14 receives the public key of the transmission place by some means, and the communication (or a temporary share key) is enciphered with that key. Furthermore, the GW certificate acquisition section 100 communicates with the GW certificate management server 26 in the internal network and acquires the GW certificate 260 through the GW certificate management department 261 on the GW certificate management server 26. Moreover, the GW private key acquisition section 160 communicates with the GW private key management server 25 in the internal network 2 and acquires the GW private key 250 through the GW private key management department on the GW private key management server 25. The user certificate acquisition section 220 communicates with the user certificate management server 23 in the internal network 2 and acquires the user certificate read from the user certificate database 230 through the user certificate management department 231 on the user certificate management server 23. Moreover, the user private key acquisition section 210 communicates with the user public/private key management server 24 in the internal network 2 and acquires the user private key read from the user public/private key database 240 through the user private key management department 241 on the user public/private key management server 24. Finally, the enciphered communication, the electronic signature made with the user private key or the GW private key, the user certificate, and the GW certificate are combined and transmitted to the external network 3.
[0024] To obtain the private key of the recipient user for a communication from the external network 3 to the internal network 2, the user private key acquisition section 210 communicates with the user public/private key management server 24 in the internal network 2 and acquires the user private key through the user private key management department 241 on the user public/private key management server 24. In the decryption section 11, the communication is decrypted with that private key and the plaintext is transmitted to the recipient in the internal network 2.
[0025] In the embodiment shown in this drawing 2, the servers which manage cryptographic keys are not on the body section of the gateway system 1a exposed to the insecure external network 3 but are placed on the secure internal network 2, and the body section of the gateway system 1a communicates with those servers to acquire the various keys and certificates. Therefore, even under attack by a malicious user from the external network 3, it is hard to reveal a cryptographic key, and the internal network 2 can be maintained as a secure environment.
[0026] Drawing 5 is a detailed block diagram of the part of one embodiment of the gateway system of this invention which transmits a communication from the internal network towards an external network. In drawing 5, the receive section 130 receives the communication from the internal network. The transmission place analysis section 140 analyzes the transmission place of the communication, and the public key read-out section 141 reads the public key of the transmission place from the transmission place public key database 142. When the public key of the transmission place is not registered in the transmission place public key database 142 at this time, a command is issued to the public key demand section 144 so that the public key is acquired from the external network 3. The public key demand section 144 requests the public key of the transmission place from the public key distribution station 30 on the external network, acquires it, and requests the public key registration section 143 to register it in the transmission place public key database 142; the public key registration section 143 then registers the transmission place public key whose registration was requested into the transmission place public key database 142.
[0027] The public key registration section 143 measures the time elapsed since a transmission place public key was registered into the transmission place public key database 142 and, once a fixed time has elapsed, deletes that registered transmission place public key from the transmission place public key database 142. By doing so, a transmission place public key that is no longer used is prevented from occupying the memory area of the transmission place public key database 142 forever.
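The read-out, fetch-on-miss and fixed-period deletion of the transmission place public key database 142 described in [0026] and [0027] (and claimed in claim 3), as an added Go example; this is not the patent's own code or any product's. It assumes a string standing in for key material, a constructed in-memory map playing public key distribution station 30, an injectable clock so the expiry can be exercised, and the names KeyCache, Lookup and stationFetch, which are this example's own.

```go
package main

import (
	"errors"
	"fmt"
	"time"
)

// entry is one row of the transmission place public key database 142: the key
// material and the registration time used for the deletion of [0027].
type entry struct {
	pubKey     string // a string stands in for real key material in this example
	registered time.Time
}

// KeyCache models sections 141 to 144 of drawing 5 around database 142.
type KeyCache struct {
	ttl     time.Duration                     // the "predetermined period" of claim 3
	now     func() time.Time                  // injectable clock so expiry can be exercised
	fetch   func(dest string) (string, error) // public key demand section 144 asking station 30
	db      map[string]entry                  // transmission place public key database 142
	fetches int                               // requests actually sent to the distribution station
}

func NewKeyCache(ttl time.Duration, now func() time.Time, fetch func(string) (string, error)) *KeyCache {
	return &KeyCache{ttl: ttl, now: now, fetch: fetch, db: map[string]entry{}}
}

// Lookup is the public key read-out section 141: return the registered key when it is
// present and not expired; otherwise request it from the distribution station and
// register it (section 143). The bool reports whether a request was sent.
func (c *KeyCache) Lookup(dest string) (string, bool, error) {
	c.expire()
	if e, ok := c.db[dest]; ok {
		return e.pubKey, false, nil
	}
	c.fetches++
	key, err := c.fetch(dest)
	if err != nil {
		return "", true, fmt.Errorf("public key for %s unavailable: %w", dest, err)
	}
	c.db[dest] = entry{pubKey: key, registered: c.now()}
	return key, true, nil
}

// expire is the deletion step of [0027]: drop every key registered ttl or longer ago.
func (c *KeyCache) expire() {
	now := c.now()
	for dest, e := range c.db {
		if now.Sub(e.registered) >= c.ttl {
			delete(c.db, dest)
		}
	}
}

// Fetches reports how many requests reached the distribution station (the saving of [0029]).
func (c *KeyCache) Fetches() int { return c.fetches }

// Size reports how many destination keys are currently registered.
func (c *KeyCache) Size() int { return len(c.db) }

// directory is a constructed stand-in for public key distribution station 30.
var directory = map[string]string{
	"alice@external.example": "PUBKEY-ALICE (constructed)",
	"bob@external.example":   "PUBKEY-BOB (constructed)",
}

// stationFetch is the request to station 30; unknown destinations are refused.
func stationFetch(dest string) (string, error) {
	key, ok := directory[dest]
	if !ok {
		return "", errors.New("no key registered at the distribution station")
	}
	return key, nil
}

func main() {
	clock := time.Date(2024, 1, 1, 0, 0, 0, 0, time.UTC)
	cache := NewKeyCache(time.Hour, func() time.Time { return clock }, stationFetch)
	for _, step := range []time.Duration{0, 10 * time.Minute, 2 * time.Hour} {
		clock = clock.Add(step)
		_, fetched, err := cache.Lookup("alice@external.example")
		fmt.Printf("after +%v: fetched=%v err=%v registered=%d\n", step, fetched, err, cache.Size())
	}
}
```

With a one-hour period, the second lookup ten minutes later is served from the database, and the lookup two hours after that finds the entry deleted and goes back to the distribution station, which is the trade-off [0027] and [0029] describe: one request per destination per period, and no stale key kept forever.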

[0028] The share key generation section 132 randomly generates a temporarily effective share key. The share key system encryption section 131 enciphers the communication text with the share key. Moreover, the share key itself is enciphered with the transmission place public key in the public-key encryption section 133. On the other hand, the electronic signature section 134 applies a one-way hash function (MD5 etc.) to the communication text and further enciphers the result with the GW private key 16; or, as the dotted line in drawing 5 shows, it may be enciphered with the user's private key. Finally, the integration section 135 combines the enciphered text, the enciphered share key, the electronic signature, the GW certificate 15, and the sending user's certificate read from the user certificate database 22, and the transmitting section 136 sends out the combined communication to the external network.

[0029] Since a transmission place public key once acquired is managed in the transmission place public key database 142 according to the embodiment shown in drawing 5, when sending communications to the same transmission place the public key acquisition request to the public key distribution station 30 of the external network can be limited to once, and efficient encrypted communication becomes possible. Drawing 6 is a detailed block diagram of the part of one embodiment of the gateway system of this invention which transmits a communication from the external network towards an internal network.

[0030] In drawing 6, the receive section 110 receives the communication to the internal network from the external network. The division section 111 separates the various items of information included in the communication. The reception place analysis section 112 determines the recipient user in the internal network. The private key read-out section 113 reads the recipient user's private key from the user public/private key database 21. The public key system decryption section 114 decrypts the enciphered share key passed from the division section 111 with the recipient user's private key and extracts the share key. Using the extracted share key, the share key system decryption section 115 decrypts the enciphered text back into plaintext. The sender certificate inspection section 116 verifies the validity of the sender's certificate using the public key of the certificate issuer and extracts the sender's public key. The electronic signature inspection section 117 decrypts the electronic signature with the sender's public key and extracts the result the sender obtained by applying the hash function to the communication text. Furthermore, to check that the contents of the communication text have not been altered, the result extracted from the electronic signature is compared with the result of applying the hash function to the communication text obtained in the share key system decryption section 115. If those results are the same, the transmitting section 118 transmits the communication towards the recipient user in the internal network.

[0031] Since, according to the embodiment shown in drawing 6, a communication is decrypted with the private key specific to each user of the internal network, only a communication transmitted to the rightful addressee in the internal network can be correctly decoded, even if a malicious party on the insecure external network alters the destination, and the privacy of the communication is thereby protected.
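The inbound path of [0030] and [0031], together with the sending steps of [0028] and the destination-rewriting problem of [0009], written out as an added Go example; this is not the patent's own code and not any product's. Its assumptions: AES-256-GCM as the shared-key system, RSA-OAEP for enciphering the share key, RSA-PSS over SHA-256 in place of the MD5-based signature of [0028], the sender's public key handed to the gateway directly rather than extracted from a certificate (the certificate inspection of section 116 is omitted), constructed keys for users A, B and D, and the names Envelope, Seal, Gateway, Open and Scenario, which are this example's own.

```go
package main

import (
	"crypto"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// Envelope is the combined communication of drawings 5 and 6; field names are this
// example's own. To is the destination field that user C rewrites in [0009].
type Envelope struct {
	To         string
	Nonce      []byte // AES-GCM nonce for the share-key encryption
	Ciphertext []byte // communication text enciphered with the share key
	WrappedKey []byte // share key enciphered with the destination user's public key (RSA-OAEP)
	Signature  []byte // RSA-PSS over SHA-256(text), made with the sender's private key
}

// newAEAD builds the share-key cipher; AES-256-GCM stands in for the unnamed shared-key system.
func newAEAD(shareKey []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(shareKey)
	if err != nil { return nil, err }
	return cipher.NewGCM(block)
}

// Seal is the sending side of [0028]: random temporary share key, text under the share
// key, share key under the destination's public key, hash of the text signed by the sender.
func Seal(to string, destPub *rsa.PublicKey, senderPriv *rsa.PrivateKey, text []byte) (*Envelope, error) {
	shareKey := make([]byte, 32)
	if _, err := rand.Read(shareKey); err != nil { return nil, err }
	aead, err := newAEAD(shareKey)
	if err != nil { return nil, err }
	nonce := make([]byte, aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil { return nil, err }
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, destPub, shareKey, nil)
	if err != nil { return nil, err }
	digest := sha256.Sum256(text)
	sig, err := rsa.SignPSS(rand.Reader, senderPriv, crypto.SHA256, digest[:], nil)
	if err != nil { return nil, err }
	return &Envelope{To: to, Nonce: nonce, Ciphertext: aead.Seal(nil, nonce, text, nil),
		WrappedKey: wrapped, Signature: sig}, nil
}

// Gateway holds the user public/private key database 21: a distinct private key per internal user.
type Gateway struct{ UserKeys map[string]*rsa.PrivateKey }

// Open is the receiving side of [0030]: read the private key of the user named in To,
// unwrap the share key, decrypt the text, then check the signed hash against a fresh
// hash of the decrypted text before passing it on to the internal network.
func (g *Gateway) Open(env *Envelope, senderPub *rsa.PublicKey) ([]byte, error) {
	priv, ok := g.UserKeys[env.To]
	if !ok { return nil, fmt.Errorf("no private key registered for user %s", env.To) }
	shareKey, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, env.WrappedKey, nil)
	if err != nil {
		// A rewritten destination fails here: the share key was enciphered for another
		// user's public key, so this user's private key cannot unwrap it.
		return nil, fmt.Errorf("cannot unwrap share key with %s's private key: %w", env.To, err)
	}
	aead, err := newAEAD(shareKey)
	if err != nil { return nil, err }
	text, err := aead.Open(nil, env.Nonce, env.Ciphertext, nil)
	if err != nil { return nil, err }
	digest := sha256.Sum256(text)
	if err := rsa.VerifyPSS(senderPub, crypto.SHA256, digest[:], env.Signature, nil); err != nil {
		return nil, fmt.Errorf("signature does not match decrypted text: %w", err)
	}
	return text, nil
}

// Scenario replays [0009] and [0019] with constructed keys: external sender A writes to
// internal user B; the envelope is delivered, then presented again with To rewritten to D.
// It returns the text delivered to B and the error the misrouted copy produced.
func Scenario() (delivered string, misrouted error, err error) {
	keys := map[string]*rsa.PrivateKey{}
	for _, name := range []string{"A", "B", "D"} {
		if keys[name], err = rsa.GenerateKey(rand.Reader, 2048); err != nil { return "", nil, err }
	}
	gw := &Gateway{UserKeys: map[string]*rsa.PrivateKey{"B": keys["B"], "D": keys["D"]}}
	env, err := Seal("B", &keys["B"].PublicKey, keys["A"], []byte("for B only"))
	if err != nil { return "", nil, err }
	text, err := gw.Open(env, &keys["A"].PublicKey)
	if err != nil { return "", nil, err }
	env.To = "D" // user C's manipulation of the destination
	_, misrouted = gw.Open(env, &keys["A"].PublicKey)
	return string(text), misrouted, nil
}

func main() {
	text, misrouted, err := Scenario()
	if err != nil { panic(err) }
	fmt.Printf("delivered to B: %q\nmisrouted to D: %v\n", text, misrouted)
}
```

The point of the per-user database is visible in where the misrouted copy fails: the share key was enciphered with B's public key, so the gateway's attempt to unwrap it with D's private key errors out before any plaintext exists, and nothing reaches D or leaks back to C. The signature comparison after decryption is a separate check; it catches an altered text, not an altered destination, which is why the patent needs both.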
[0032] 

[Effect of the Invention] As explained above, according to this invention, a highly safe gateway system in which the privacy of communications is protected is built.



[Translation done.] 